Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/bfa007-29e9-4fc7-956d-b0e8c33040fa/1/3ZkB-oFfm8oIdKapf1bVn0v7WCI.roa
File:                     3ZkB-oFfm8oIdKapf1bVn0v7WCI.roa (raw, json)
Hash identifier:          EUqB+zpgjP3KdhZ5mbRwlZf8is2hcsVKRH0TpzdIurc=
Subject key identifier:   DD:99:01:FA:81:5F:9B:CA:08:74:A6:A9:7F:56:D5:9F:4B:FB:58:22
Certificate issuer:       /CN=58c4ea7a385efa36724196b4343960baa47cbeb7
Certificate serial:       7C5B23
Authority key identifier: 58:C4:EA:7A:38:5E:FA:36:72:41:96:B4:34:39:60:BA:A4:7C:BE:B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WMTqejhe-jZyQZa0NDlguqR8vrc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/bfa007-29e9-4fc7-956d-b0e8c33040fa/1/3ZkB-oFfm8oIdKapf1bVn0v7WCI.roa
Signing time:             Sat 01 Jan 2022 02:59:50 +0000
ROA not before:           Sat 01 Jan 2022 02:59:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34863
IP address blocks:        194.30.173.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8149795 (0x7c5b23)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58c4ea7a385efa36724196b4343960baa47cbeb7
        Validity
            Not Before: Jan  1 02:59:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=dd9901fa815f9bca0874a6a97f56d59f4bfb5822
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:82:1f:ae:14:e3:c7:ed:a3:c5:67:04:18:cb:
                    a2:a2:9b:73:7f:99:ab:f9:e0:b4:14:cc:b8:63:0a:
                    c7:41:25:0c:5f:fd:10:78:c9:cb:80:12:31:a0:cf:
                    e0:72:05:83:4e:0b:9b:60:b2:cb:34:6a:46:5c:4c:
                    66:ee:43:4f:ff:4f:a0:39:64:ea:a9:17:b8:1d:88:
                    39:64:fd:ed:92:b6:58:3c:2f:ed:82:38:77:09:d1:
                    76:a2:e1:26:a5:96:8a:cf:35:41:a1:5a:53:a6:bb:
                    99:6c:08:ab:67:b6:24:7b:47:fd:bf:51:ab:cd:47:
                    be:09:81:3f:89:12:eb:18:3b:5a:16:a0:10:cc:da:
                    29:41:26:ed:26:a4:15:8e:0c:89:ba:70:24:25:76:
                    70:e8:3a:51:71:ee:89:fb:05:cb:9f:fe:76:ab:68:
                    a1:75:aa:10:16:bd:8f:e2:03:c3:04:99:c8:a3:2b:
                    a4:ac:4b:8a:87:b9:15:db:8b:35:3b:5e:d8:59:08:
                    fa:ef:38:83:c7:64:02:cb:03:91:68:43:e0:6d:48:
                    1b:91:75:c2:0f:b0:99:ab:ab:e2:f3:4b:40:e5:be:
                    e7:70:4d:e9:d9:58:ad:fb:64:eb:bd:59:78:e1:3a:
                    ed:91:28:5b:92:5b:86:c8:5e:6a:83:cf:cb:77:2d:
                    1d:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:99:01:FA:81:5F:9B:CA:08:74:A6:A9:7F:56:D5:9F:4B:FB:58:22
            X509v3 Authority Key Identifier:
                keyid:58:C4:EA:7A:38:5E:FA:36:72:41:96:B4:34:39:60:BA:A4:7C:BE:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WMTqejhe-jZyQZa0NDlguqR8vrc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/bfa007-29e9-4fc7-956d-b0e8c33040fa/1/3ZkB-oFfm8oIdKapf1bVn0v7WCI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/bfa007-29e9-4fc7-956d-b0e8c33040fa/1/WMTqejhe-jZyQZa0NDlguqR8vrc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.30.173.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c0:59:c9:c9:b8:a0:8f:85:58:6b:23:a1:3a:3d:bd:ba:58:5b:
         80:3b:1e:8b:bf:e0:82:18:c9:fd:e4:5a:9e:74:8c:c9:b6:9a:
         2d:a6:1a:f3:0e:3c:92:6e:c7:e3:0c:d9:3a:09:2f:af:39:fc:
         93:5e:0c:37:30:e7:12:57:59:ac:0f:1a:cd:f7:77:06:d1:c9:
         9f:b4:cf:6f:82:21:fb:be:87:23:7a:63:26:f5:fd:4b:e0:8b:
         a1:dd:01:80:e5:62:ed:6a:9a:67:08:6d:fb:e7:76:4e:95:1f:
         f3:c0:7e:6d:3f:03:c5:e1:e1:dc:1b:c9:0f:8e:33:a3:86:3d:
         a5:48:60:c6:6e:82:09:f4:46:af:1a:dc:26:23:30:08:2a:73:
         55:69:a2:e4:2b:09:0a:5e:5e:06:90:33:93:01:4f:b9:f1:58:
         52:9e:b5:a4:bf:2a:49:ea:f9:fa:96:4f:83:a3:85:8c:88:e3:
         26:d2:bb:b0:2a:a7:14:cb:97:37:e5:dc:6c:ac:1a:f0:da:81:
         7c:1e:28:15:b9:b0:83:a6:7b:49:b8:6a:5a:00:08:3c:8d:0c:
         08:2c:05:92:ca:c7:60:29:cf:54:2b:af:02:fa:00:7e:f7:bd:
         e8:6f:14:b4:d8:93:64:96:50:94:52:c3:ee:71:12:b9:9f:af:
         aa:2a:b8:7e
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDfFsjMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDU4
YzRlYTdhMzg1ZWZhMzY3MjQxOTZiNDM0Mzk2MGJhYTQ3Y2JlYjcwHhcNMjIwMTAx
MDI1OTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkZDk5MDFmYTgxNWY5
YmNhMDg3NGE2YTk3ZjU2ZDU5ZjRiZmI1ODIyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnoIfrhTjx+2jxWcEGMuioptzf5mr+eC0FMy4YwrHQSUMX/0Q
eMnLgBIxoM/gcgWDTgubYLLLNGpGXExm7kNP/0+gOWTqqRe4HYg5ZP3tkrZYPC/t
gjh3CdF2ouEmpZaKzzVBoVpTpruZbAirZ7Yke0f9v1GrzUe+CYE/iRLrGDtaFqAQ
zNopQSbtJqQVjgyJunAkJXZw6DpRce6J+wXLn/52q2ihdaoQFr2P4gPDBJnIoyuk
rEuKh7kV24s1O17YWQj67ziDx2QCywORaEPgbUgbkXXCD7CZq6vi80tA5b7ncE3p
2Vit+2TrvVl44TrtkShbkluGyF5qg8/Ldy0dwwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFN2ZAfqBX5vKCHSmqX9W1Z9L+1giMB8GA1UdIwQYMBaAFFjE6no4Xvo2ckGW
tDQ5YLqkfL63MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
V01UcWVqaGUtalp5UVphME5EbGd1cVI4dnJjLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yYy9iZmEwMDctMjllOS00ZmM3LTk1NmQtYjBlOGMzMzA0MGZhLzEv
M1prQi1vRmZtOG9JZEthcGYxYlZuMHY3V0NJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9i
ZmEwMDctMjllOS00ZmM3LTk1NmQtYjBlOGMzMzA0MGZhLzEvV01UcWVqaGUtalp5
UVphME5EbGd1cVI4dnJjLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwh6tMA0GCSqGSIb3DQEBCwUAA4IB
AQDAWcnJuKCPhVhrI6E6Pb26WFuAOx6Lv+CCGMn95FqedIzJtpotphrzDjySbsfj
DNk6CS+vOfyTXgw3MOcSV1msDxrN93cG0cmftM9vgiH7vocjemMm9f1L4Iuh3QGA
5WLtappnCG3753ZOlR/zwH5tPwPF4eHcG8kPjjOjhj2lSGDGboIJ9EavGtwmIzAI
KnNVaaLkKwkKXl4GkDOTAU+58VhSnrWkvypJ6vn6lk+Do4WMiOMm0ruwKqcUy5c3
5dxsrBrw2oF8HigVubCDpntJuGpaAAg8jQwILAWSysdgKc9UK68C+gB+973obxS0
2JNkllCUUsPucRK5n6+qKrh+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:38 2024 by rpki-client on console-ams.rpki-client.org